PT-2023-19049 · Gallagher · Gallagher Command Centre
Published
2023-12-18
·
Updated
2024-01-05
·
CVE-2023-23570
CVSS v3.1
8.1
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Gallagher Command Centre versions 8.80 and prior
Gallagher Command Centre versions 8.90 prior to vEL8.90.1620 (MR2)
Description
The Client-Side enforcement of Server-Side security for the Command Centre server could be bypassed, leading to invalid configuration with undefined behavior.
Recommendations
For Gallagher Command Centre versions 8.80 and prior, update to version 8.90 or later and then apply the update to vEL8.90.1620 (MR2) or later.
For Gallagher Command Centre versions 8.90 prior to vEL8.90.1620 (MR2), update to vEL8.90.1620 (MR2) or later.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Gallagher Command Centre